package com.nais.course.configs;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.config.annotation.InterceptorRegistration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.nais.authority.AuthorityContext;
import com.nais.authority.UserModel;

@Configuration
public class WebSecurityConfig extends WebMvcConfigurerAdapter{
	
	public final static String SESSION_KEY = "nais_key";
	
	@Bean
    public SecurityInterceptor getSecurityInterceptor() {
        return new SecurityInterceptor();
    }
	
	@Override
	public void addInterceptors(InterceptorRegistry registry) {
        InterceptorRegistration addInterceptor = registry.addInterceptor(getSecurityInterceptor());

        // 排除配置
        addInterceptor.excludePathPatterns("/error");
        addInterceptor.excludePathPatterns("/login**");
        
        // 支付宝异步回掉
        addInterceptor.excludePathPatterns("/pay/alipay/notify");

        // 拦截配置
        addInterceptor.addPathPatterns("/**");
    }
	
	@Override
	public void addResourceHandlers(ResourceHandlerRegistry registry) {
		registry.addResourceHandler("/images/**").addResourceLocations("classpath:/templates/images/");
		registry.addResourceHandler("/css/**").addResourceLocations("classpath:/templates/css/");
		registry.addResourceHandler("/js/**").addResourceLocations("classpath:/templates/js/");
		super.addResourceHandlers(registry);
	}
	
	
	private class SecurityInterceptor extends HandlerInterceptorAdapter {

        @Override
        public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
                throws Exception {
            HttpSession session = request.getSession();
            String s = (String) session.getAttribute(SESSION_KEY);
            if (session.getAttribute(SESSION_KEY) != null) {    
            	UserModel user = new UserModel();
            	user.setUsername(s);
            	AuthorityContext.setUserMode(user);
            	return true;
            }
            // 跳转登录
            String url = "/login";
            response.sendRedirect(url);
            return false;
        }
   
        @Override
    	public void postHandle(
    			HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView)
    			throws Exception {
    				
    	}
    	
    	
    	@Override
    	public void afterCompletion(
    			HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
    			throws Exception {
    		
    		AuthorityContext.clearModel();
    	}
	}
	
	
	

}
